A data-driven future in financial services
When it comes to analysing financial transaction data, you need to take every precaution to preserve the customer’s privacy. Data anonymization plays a key role in staying GDPR-compliant.
Read how a major German bank reduced their compliance overhead by 83% and managed to get deeper insights into their customer’s behaviour by integrating Aircloak Insights.
“Using Aircloak Insights, I don’t even have to think about privacy.
I can query any data I want, and I can give the answer to anyone.”
Analyst
Key Highlights
Industry: Finance
Country: Germany
Impact:
• Improved Customer Intelligence
• Optimized Compliance Workflow
Technologies in Use:
• MongoDB Database
• Queries via SQL or Tableau
Overview
Our customer is one of the largest banks in Germany. As with many of its competitors, the bank’s strategic orientation is characterised by digitisation and is strongly customer-centred.
“We approach everything we do from the customer’s point of view. What do our customers need today, what do they want tomorrow? And much more: What wishes and requirements can we fulfil, so that our customers won’t even have to express them?” – Director at German Bank
The bank initiated a variety of different projects with the aim of staying competitive in a market increasingly saturated by FinTech companies offering polished, consumer friendly services and other large, data-driven companies planning to enter this market.
One of these projects is a smartphone-based personal finance management tool. Customers log in with their bank account and can then use features such as multibanking, recognizing transaction interrelations, financial outlook, creation of goals and reporting.
Challenge
The biggest challenge by far in the development of the app was to ensure data security.
Various IT security best practices were used to ensure comprehensive security, in the app, in the infrastructure and on the part of data analytics.
While security measures in the infrastructure – once set up – promised permanent security, anonymous analytics were considerably more difficult to implement.
At first, the bank tried to develop its own anonymization algorithm. The manual process required an employee with data protection background, took way too much time, the quality of the data suffered significantly and the anonymized data had to be checked for privacy afterwards.
Analytics Before Implementing Aircloak
For regular manual anonymization, expert knowledge with a statistical and privacy background was necessary in order to guarantee complete anonymization while maintaining the data’s information content
Obtaining approval from the DPO for each iteration of the anonymization process was extremely time-consuming
Possibilities for attacks are constantly evolving and so regular Privacy Impact Assessments had to be carried out to check whether the anonymization was still state of the art
Achieving compliance with GDPR and meeting their own very high privacy standards, while staying efficient and agile meant finding another solution.
Want to learn more about
data anonymization and Aircloak?
Subscribe to our low volume, no bullshit, mailing list to stay up to date with the latest information about Aircloak, Aircloak Insights and our approach to anonymization.
Solution and Setup
It was quickly decided to look for an external data anonymization solution.
After getting in touch with us, Aircloak Insights PoC was set up and ready to use within a few weeks. Now, analysts at the bank query the original dataset via an SQL-interface.
The results are perfectly anonymized and they don’t have to worry about setup, the privacy level or a privacy budget as would have been the case with other anonymization methods like differential privacy.
Additionally, every data scientist at the bank can work with that database via the Aircloak interface – no special knowledge about privacy or anonymization is needed as the anonymization is done automatically by Aircloak.
Daily Work with Aircloak
Because Aircloak Insights operates independent of the specific use case, and always applies correct anonymization on the fly, analysts are now able to be much more creative and explorative when processing the collected data.
Specifically, working with the free text fields in the transaction data had been an issue in the past – after all, since end users can fill them with anything, including highly sensitive information, manual anonymization turned out to be very tricky.
For example, it was important for the bank to evaluate the family status of their users. Analysing the transactions including child allowance payment enables a deep understanding of the end users’ situation.
Via Aircloak you simply query the SQL to search for transactions with the word “Child allowance” in the reference. The result is aggregated by month on user count and returns the count of users who receive child allowance.
Other questions that can now be answered are:
- How is our customer base developing?
- How many / which insurances are used?
- How loyal are customers?
- Which customer groups have the most cross- and upselling potential for other finance products?
With the integration of data visualisation tools like Tableau, it is now also possible to obtain detailed information on income distribution in the various districts of a city – without infringing individual users’ privacy, of course.
Thanks to Aircloak Insights the bank was able to:
Reduce the time to execution from weeks to seconds
Decrease the compliance overhead by 83%
Avoid waiting for DPO’s approval or worrying about GDPR-compliance anymore
Get deeper insights in their customer’s demands due to the high data quality
Evaluate all data points would otherwise have been restricted due to compliance reasons
Get more analytics done because of the automatic data anonymization process with Aircloak